Phishing attempts targeting cryptocurrency users are on the rise, with Ledger wallet users becoming the latest victim of a deceptive email scam.
Blanket emails are being distributed in November 2024, titled “Action Required: Ledger Data Breach – Check Your Recovery Phrase” and urging users to click the link and “Verify Now”. The emails come from “[email protected]”.
We hope all crypto users are savvy enough to know the emails are scams or phishing attempts designed to get users to hand over their wallet seed phrases. Anyone who does so will swiftly find their wallet drained.
Below, we will investigate some common impersonated crypto organizations or projects and help you protect yourself.
- Crypto phishing scams targeting major platforms like Ledger and 3Commas are increasing.
- Scammers impersonate brands like MetaMask, Uniswap, and Lido Finance.
- Emails promise rewards or reimbursements to trick users into revealing private keys.
- Protect yourself by verifying email authenticity and enabling 2FA.
- Always use official platforms and never share your seed phrase.
Crypto Scammers Impersonating Big Brands
Aside from Ledger, scammers have also been trying to impersonate other significant players in the crypto industry.
For instance, they have targeted users of Uniswap, MetaMask, and Lido Finance with phishing emails claiming to offer rewards and airdrops.
3Commas Scam Attempts
An email designed to fool trading platform 3Commas users an email titled “Reimbursement Plan” and leads users to claim their “share” of a reimbursement plan by clicking a malicious link.
“We are delighted to share that you are now eligible for reimbursement in response to the hacks we suffered, which resulted in the disclosure of customer API keys,” the phishing email read.
@3commas_io
Phishing alert pic.twitter.com/COJqXve5Ms— M (@KukraniMahesh) November 2, 2023
However, the company quickly warned its users, clarifying that the fraudulent emails were not sent from the 3Commas platform. “We strongly advise against engaging with any suspicious links or disclosing personal information in response to unsolicited emails,” the company said.
The company urged affected users to take immediate action by logging into their 3Commas accounts and resetting their passwords. Additionally, it recommended activating Two-Factor Authentication (2FA) using Google Authenticator to enhance security.
These phishing emails were distributed through an email service called Mailmuch.io.
Lido Finance Airdrop Scam Attempts
Meanwhile a fake email purporting to be from Lido reads:
“LDO Airdrop can be claimed by early Lido stakers. Here you can find a list of addresses for which airdrops are available. Click the “Claim airdrop” button below to visit our claims page. Connect your wallet with either MetaMask or WalletConnect & check eligibility.”
With one click, an unsuspecting user could find themselves in their wallet, authorizing a connection to let a scammer straight into their funds.
MetaMask Scam Attempts
An email purporting to be from MetaMask, again with a direct link to WalletConnect, reads:
“Dear Metamask Community,
“Introducing the Metamask $2 Million Ethereum Airdrop!
“We hope this message finds you well. We have some thrilling news to share that will make your crypto journey even more exciting. Metamask is proud to announce our largest Airdrop ever, and we want you to be a part of it!”
Uniswap Scam Attempts
And similarly, for Uniswap:
“Thanks for your interest in the Uniswap Labs’ Newsletter!
“You’ve received this message because your email address has been registered with our site. Please click the button below to verify your email address and confirm that you are the owner of this account.
“After confirming your email, receive your complimentary $UNI sent to your connected address.”
These are just a few examples of many phishing attempts — all driving you to connect your wallet in return for an airdrop or reward, and all of them playing on the old adage: “They offer you something for nothing, and in return, they give you nothing for something.”
How to Protect Against Phishing Scams
To protect themselves against crypto phishing scams, users should adopt a skeptical approach when dealing with emails. It is essential to treat every email with caution, especially those that claim to be from crypto platforms or service providers.
Additionally, users must pay close attention to the sender’s email address. Phishing emails often mimic legitimate addresses but contain slight variations or misspellings. It is recommended that users double-check the sender’s details and compare them to official contacts provided by the crypto platform or service.
It is also important to verify URLs before clicking on them. Users can hover their cursor over any links in the email without clicking on them to reveal the actual URL, making sure that the URL matches the official website of the crypto platform or service.
Likewise, users must be wary of direct messages received on Discord, Telegram, or Twitter, particularly if they claim to be team members or ask you to connect to a decentralized application (dApp).
Moreover, implementing 2FA adds an extra layer of security to your crypto accounts. By requiring a second verification step, such as a unique code generated by an authentication app, users significantly reduce the risk of unauthorized access.
Lastly, protecting private keys and seed phrases is crucial. Users should avoid storing them on password sites or cloud-backed photos to prevent unauthorized access.
The Bottom Line
As the crypto industry continues to thrive in a bull run, users need to remain vigilant and skeptical of any unsolicited communication.
Sometimes, scam attempts are obvious, and sometimes, they are well-disguised.
It is best to assume email (or Discord and Telegram) communications are unsafe until proven otherwise, and only login through the authentic homepage of a service (also treading carefully around the sponsored links at the top of search engines).
Because “not your keys, not your crypto” and it is a lucrative payday for any scammer who gets your keys.